[Security update] Integrate clamAV for uploaded files / attachments scanning (#698)

<!-- Please provide brief information about the PR, what it contains &
its purpose, new behaviors after the change. And let us know here if you
need any help: https://github.com/microsoft/HydraLab/issues/new -->

## Description
Integrate clamAV for uploaded files / attachments scanning
<!-- A few words to explain your changes -->

### Linked GitHub issue ID: #  

## Pull Request Checklist
<!-- Put an x in the boxes that apply. This is simply a reminder of what
we are going to look for before merging your code. -->

- [ ] Tests for the changes have been added (for bug fixes / features)
- [ ] Code compiles correctly with all tests are passed.
- [ ] I've read the [contributing
guide](https://github.com/microsoft/HydraLab/blob/main/CONTRIBUTING.md#making-changes-to-the-code)
and followed the recommended practices.
- [ ] [Wikis](https://github.com/microsoft/HydraLab/wiki) or
[README](https://github.com/microsoft/HydraLab/blob/main/README.md) have
been reviewed and added / updated if needed (for bug fixes / features)

### Does this introduce a breaking change?
*If this introduces a breaking change for Hydra Lab users, please
describe the impact and migration path.*

- [ ] Yes
- [X] No

## How you tested it
*Please make sure the change is tested, you can test it by adding UTs,
do local test and share the screenshots, etc.*
- Test locally in IDE
- Test locally in Docker image

Please check the type of change your PR introduces:
- [ ] Bugfix
- [ ] Feature
- [ ] Technical design
- [ ] Build related changes
- [ ] Refactoring (no functional changes, no api changes)
- [ ] Code style update (formatting, renaming) or Documentation content
changes
- [X] Other (please describe): 
Security enhancement

### Feature UI screenshots or Technical design diagrams
*If this is a relatively large or complex change, kick it off by drawing
the tech design with PlantUML and explaining why you chose the solution
you did and what alternatives you considered, etc...*

Co-authored-by: MaX ES Bot <[email protected]>

Author: olivershen-wow

center/Dockerfile

@@ -29,11 +29,18 @@ RUN \
     apt-get install -y cron && \
     apt-get install -y vim && \
     apt-get install -y sysstat && \
+    apt-get install -y clamav && \
+    freshclam && \
+    apt-get install -y clamav-daemon && \
+    mkdir -p /var/run/clamav && \
+    chown clamav:clamav /var/run/clamav && \
+    chmod 755 /var/run/clamav && \
     mkdir -p /hydra/data
 
 COPY ${STARTUP_FOLDER_PATH}/prometheus-2.36.2.linux-amd64.tar.gz /opt/
 COPY ${STARTUP_FOLDER_PATH}/pushgateway-1.4.3.linux-amd64.tar.gz /opt/
 COPY ${STARTUP_FOLDER_PATH}/grafana-enterprise-9.0.1.linux-amd64.tar.gz /opt/
+COPY ${STARTUP_FOLDER_PATH}/clamAV/clamd.conf /opt/
 
 RUN cd /opt/ && \
     tar -zxvf prometheus-2.36.2.linux-amd64.tar.gz && \

center/build.gradle

@@ -51,6 +51,7 @@ dependencies {
 //    compile group: 'org.postgresql', name: 'postgresql', version: '42.2.14'
 
     compile group: 'org.springframework.security', name: 'spring-security-oauth2-client', version: '5.2.2.RELEASE'
+    compile group: 'xyz.capybara', name: 'clamav-client', version: '2.1.2'
     compile group: 'com.azure', name: 'azure-ai-openai', version: '1.0.0-beta.3'
 
     compile('org.springdoc:springdoc-openapi-core:1.1.49')